<0.1% probability · 25.6th percentile — 2026-05-12
Affected versions
Tenda i12 1.0.0.11(3862)
Summary
This is a remote stack-based buffer overflow vulnerability affecting Tenda i12 wireless access points. The flaw impacts the formwrlSSIDset function in the wifiSSIDset endpoint, and can be triggered by manipulating the index or wl_radio input arguments. A remote attacker can exploit this issue to run arbitrary code on the affected device. Exploit code for this vulnerability is publicly available.
Remediation
Check for the latest official firmware updates from Tenda and apply any available security patches immediately. If no patch is available, restrict access to the device's management interface to only trusted network sources. Consider replacing the device if it is no longer supported by the vendor.
Exploit info
The exploit has been released to the public; public references are available at https://app.opencve.io/cve/CVE-2026-5609 or https://vulners.com/cve/CVE-2026-5609. | Potential exploit details can be searched in Exploit-DB or GitHub: https://www.exploit-db.com/search?cve=CVE-2026-5609 | https://github.com/search?q=CVE-2026-5609+exploit
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.